OLD | NEW |
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/extensions/extension_protocols.h" | 5 #include "chrome/browser/extensions/extension_protocols.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 | 8 |
9 #include "app/resource_bundle.h" | 9 #include "app/resource_bundle.h" |
10 #include "base/file_path.h" | 10 #include "base/file_path.h" |
70 // Factory registered with URLRequest to create URLRequestJobs for extension:// | 70 // Factory registered with URLRequest to create URLRequestJobs for extension:// |
71 // URLs. | 71 // URLs. |
72 static URLRequestJob* CreateExtensionURLRequestJob(URLRequest* request, | 72 static URLRequestJob* CreateExtensionURLRequestJob(URLRequest* request, |
73 const std::string& scheme) { | 73 const std::string& scheme) { |
74 ChromeURLRequestContext* context = | 74 ChromeURLRequestContext* context = |
75 static_cast<ChromeURLRequestContext*>(request->context()); | 75 static_cast<ChromeURLRequestContext*>(request->context()); |
76 | 76 |
77 const ResourceDispatcherHostRequestInfo* info = | 77 const ResourceDispatcherHostRequestInfo* info = |
78 ResourceDispatcherHost::InfoForRequest(request); | 78 ResourceDispatcherHost::InfoForRequest(request); |
79 | 79 |
80 // Don't allow extension resources to be loaded from origins which are not | 80 // Extension resources should only be loadable from web pages which the |
81 // present in the extension's effective host permissions with the exception | 81 // extension has host permissions to (and therefore could be running script |
82 // of empty origins and extension schemes. | 82 // in, which might need access to the extension resources). |
83 if (!info->frame_origin().empty() && | 83 // |
84 !GURL(info->frame_origin()).SchemeIs(chrome::kExtensionScheme)) { | 84 // chrome:// pages are exempt. We allow them to load any extension resource. |
| 85 // This is used for, eg, the app launcher in the NTP. |
| 86 // |
| 87 // chrome-extension:// pages are also exempt, mostly for legacy reasons. Some |
| 88 // extensions did this to integrate with each other before we added this code. |
| 89 GURL origin_url(info->frame_origin()); |
| 90 if (!origin_url.is_empty() && |
| 91 !origin_url.SchemeIs(chrome::kChromeUIScheme) && |
| 92 !origin_url.SchemeIs(chrome::kExtensionScheme)) { |
85 ExtensionExtent host_permissions = | 93 ExtensionExtent host_permissions = |
86 context->GetEffectiveHostPermissionsForExtension(request->url().host()); | 94 context->GetEffectiveHostPermissionsForExtension( |
| 95 request->url().host()); |
87 if (!host_permissions.ContainsURL(GURL(info->frame_origin()))) | 96 if (!host_permissions.ContainsURL(GURL(info->frame_origin()))) |
88 return new URLRequestErrorJob(request, net::ERR_ADDRESS_UNREACHABLE); | 97 return new URLRequestErrorJob(request, net::ERR_ADDRESS_UNREACHABLE); |
89 } | 98 } |
90 | 99 |
91 // Don't allow toplevel navigations to extension resources in incognito mode. | 100 // Don't allow toplevel navigations to extension resources in incognito mode. |
92 // This is because an extension must run in a single process, and an | 101 // This is because an extension must run in a single process, and an |
93 // incognito tab prevents that. | 102 // incognito tab prevents that. |
94 // TODO(mpcomplete): better error code. | 103 // TODO(mpcomplete): better error code. |
95 if (context->is_off_the_record() && | 104 if (context->is_off_the_record() && |
96 info && info->resource_type() == ResourceType::MAIN_FRAME) | 105 info && info->resource_type() == ResourceType::MAIN_FRAME) |
152 | 161 |
153 return new URLRequestFileJob(request, resource.GetFilePath()); | 162 return new URLRequestFileJob(request, resource.GetFilePath()); |
154 } | 163 } |
155 | 164 |
156 void RegisterExtensionProtocols() { | 165 void RegisterExtensionProtocols() { |
157 URLRequest::RegisterProtocolFactory(chrome::kExtensionScheme, | 166 URLRequest::RegisterProtocolFactory(chrome::kExtensionScheme, |
158 &CreateExtensionURLRequestJob); | 167 &CreateExtensionURLRequestJob); |
159 URLRequest::RegisterProtocolFactory(chrome::kUserScriptScheme, | 168 URLRequest::RegisterProtocolFactory(chrome::kUserScriptScheme, |
160 &CreateUserScriptURLRequestJob); | 169 &CreateUserScriptURLRequestJob); |
161 } | 170 } |
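Review bot: `info` is dereferenced without a null check at new line 89 (`GURL origin_url(info->frame_origin());`), yet the incognito test at new line 105 checks `info &&` first, which suggests `ResourceDispatcherHost::InfoForRequest` can return null for some requests. The old code had the same unguarded access at old line 83, so the change carries the problem forward rather than introducing it. I would wrap the origin check in `if (info) {` and add a comment stating whether a request with no request info is meant to skip the host-permission check or be refused, so that the fail-open or fail-closed choice is deliberate. Separately, new line 96 parses the origin a second time; `if (!host_permissions.ContainsURL(origin_url))` would keep the exemption test and the permission test on the same parsed value. The body of CreateExtensionURLRequestJob continues through lines this page skips, so the rest of the function was not reviewed.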